Created attachment 549463[details]
Native systemd service for dropbear keygen
It's sufficient for user only to start/enable dropbear.service and it will call dropbear-keygen.service which will generate the keys for them...

This isn't technically fixed I'm afraid.
Dropbear PAM support needs to be enabled otherwise connected sessions will be killed when restarting the service.
I tried to doing this on a different dirstro, but it seems the pam support is somewhat lacking and doesn't seem to work and register a user session with systemd-logind so there will need to be code fixes too I believe.
Figured I'd let you know.

Just to provide an easy test case (how I tested):
1. Term 1: root$ systemctl start dropbear.service
2. Term 2: user$ ssh user@localhost
3. Term 1: root$ systemctl status dropbear.service
If the pam stuff is not working, then you should see the user's bash process in the output from 3, and issuing a "systemctl restart dropbear.service" will kick the user out.
Hope that helps. I'm not a pam expert, but I think it uses the /etc/pam.d/sshd file. Even if that is properly configured to use pam_systemd.so for the session, it still seems to fail, so likely it's misusing pam API in some way.

Note

You need to
log in
before you can comment on or make changes to this bug.